Documentations

From IIIS-Systems
Jump to: navigation, search

Docker 镜像仓库harbor快速部署和使用

什么是Harbor?

Harbor是VMware公司最近开源的企业级Docker Registry项目, 其目标是帮助用户迅速搭建一个企业级的Docker registry服务。它以Docker公司开源的registry为基础,提供了管理UI, 基于角色的访问控制(Role Based Access Control),AD/LDAP集成、以及审计日志(Audit logging) 等企业用户需求的功能,同时还原生支持中文。Harbor的每个组件都是以Docker容器的形式构建的,使用Docker Compose来对它进行部署。

Harbor安装

首先。。一定要用pip安装docker-compose pip在/root/chenTJ里面的get-pip.py

python get-pip.py即可

git clone https://github.com/vmware/harbor

find / -name harbor.cfg

修改 hostname 10.1.0.136

这里面还需要改ldap

  1. The url for an ldap endpoint.

ldap_url = ldap://10.1.0.201/

  1. A user's DN who has the permission to search the LDAP/AD server.
  2. If your LDAP/AD server does not support anonymous search, you should configure this DN and ldap_search_pwd.
  3. ldap_searchdn = cn=Manager,dc=iiis,dc=co
  1. the password of the ldap_searchdn

ldap_search_pwd = XXXXX

  1. The base DN from which to look up a user in LDAP/AD

ldap_basedn = ou=users,dc=iiis,dc=co

  1. Search filter for LDAP/AD, make sure the syntax of the filter is correct.
  2. ldap_filter = (objectClass=inetOrgPerson)
  1. The attribute used in a search to match a user, it could be uid, cn, email, sAMAccountName or other attributes depending on your LDAP/AD

ldap_uid = cn

  1. the scope to search for users, 1-LDAP_SCOPE_BASE, 2-LDAP_SCOPE_ONELEVEL, 3-LDAP_SCOPE_SUBTREE

ldap_scope = 3

如果要用https 要在ui_url_protocol = http 改成https

然后如图所示

Mageforharbor1.jpg

Imageforharbor22.png

/root/harbor/harbor

./prepare

docker-compose up -d

就安装完毕了

= 配置Harbor pull跟push =

在 /usr/lib/systemd/system/docker.service 配置

ExecStart=/usr/bin/dockerd -s overlay -g /data/docker --insecure-registry 10.1.1.4 -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock

添加--insecure-registry 10.1.0.136

push

docker images找到相关的镜像sudo docker pull ubuntu:14.04

或者用docker login 10.1.0.136 -u ldap账号 -p ldap密码

docker tag ubuntu 10.1.0.136/test/ubuntu

docker push 10.1.0.136/test/ubuntu

pull

在10.1.0.138

docker login 10.1.0.136 -u ldap账号 -p ldap密码

docker pull 10.1.0.136/library/ubuntu:14.04

Harbor界面管理

在浏览器登录http://10.1.0.136/dashboard

账号密码可以用ldap的即可

就可以看到如下内容

WechatIMG34.jpg

参考文献:

http://www.tuicool.com/articles/z2ANb2U

https://github.com/vmware/harbor/blob/master/docs/user_guide.md

Retrieved from "http://wiki.iiis.systems:9988/w/index.php?title=Documentations&oldid=603"